Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
File: AS396998.roa (raw, json)
Hash identifier: OaEaRWuBzuRnXQduqHCmqZBTAHlwWhK+l4z2386D8tM=
Subject key identifier: 79:96:D0:26:84:80:94:8B:03:4D:F4:13:41:74:E4:C0:73:0E:CE:B4
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 448CA387D4A3A3900B5DCE59FD8A94D32F728C09
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
Signing time: Mon 11 Sep 2023 18:45:29 +0000
ROA not before: Mon 11 Sep 2023 18:40:29 +0000
ROA not after: Mon 09 Sep 2024 18:45:29 +0000
asID: 396998
IP address blocks: 141.11.104.0/24 maxlen: 24
141.11.196.0/22 maxlen: 24
141.11.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:8c:a3:87:d4:a3:a3:90:0b:5d:ce:59:fd:8a:94:d3:2f:72:8c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 11 18:40:29 2023 GMT
Not After : Sep 9 18:45:29 2024 GMT
Subject: CN=7996D0268480948B034DF4134174E4C0730ECEB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:45:4d:bf:56:bd:b0:35:42:87:7d:de:b7:2d:
a7:52:04:e6:e5:05:8c:3a:54:4c:6c:c5:38:f1:40:
90:e9:72:41:46:24:cc:b1:32:10:03:b6:c5:3f:1a:
06:da:10:19:79:b7:bd:63:e7:1d:ff:a1:27:3f:31:
30:ac:c3:ce:26:49:7b:e6:78:07:56:cc:ca:d2:f5:
a2:23:a5:55:89:17:fb:15:89:89:51:78:f1:ba:9a:
41:e2:5a:7e:59:bb:24:78:3c:3b:c1:22:76:45:da:
c3:13:80:bc:80:4a:d2:e9:25:95:ee:ce:6e:a9:40:
68:d8:3d:cb:41:44:a5:ee:02:91:e6:c7:87:36:99:
e8:1a:06:ce:f1:ea:b8:98:23:72:26:9d:44:d2:dd:
0d:b0:30:41:fb:3b:10:c5:78:1d:a3:56:15:cc:2d:
01:57:29:6d:50:e5:f3:64:e0:d4:d3:53:e2:95:33:
84:7d:dd:75:52:6b:c5:bc:4d:02:cc:35:c8:28:0e:
2a:7b:b8:64:7c:cf:73:8c:5b:e6:d4:dd:be:77:06:
cb:d8:c5:2e:d2:b5:05:cc:bf:9a:24:7d:24:ef:81:
5a:c2:fb:21:54:5e:82:94:96:e3:84:aa:18:4d:bc:
a8:cb:7f:41:c5:ef:62:95:63:d5:3f:17:5c:3b:0b:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:96:D0:26:84:80:94:8B:03:4D:F4:13:41:74:E4:C0:73:0E:CE:B4
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS396998.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.104.0/24
141.11.196.0/22
141.11.230.0/23
Signature Algorithm: sha256WithRSAEncryption
64:5c:43:97:00:34:9c:16:b6:84:f0:e7:dc:a4:37:3e:c9:e0:
31:f0:79:02:f3:fe:10:01:db:85:0e:49:68:9b:25:14:b1:2d:
fa:4e:f7:5b:83:a7:60:5d:b2:f2:f0:90:c0:91:a9:fd:d4:44:
0f:df:91:73:29:76:1c:01:34:19:7d:3d:ac:2a:80:96:30:57:
f5:9d:93:d0:08:6c:e9:be:4e:69:e5:47:6c:89:fe:d3:13:00:
9b:c9:bd:05:49:ae:d6:ca:48:81:98:26:fe:3e:82:e5:65:96:
25:2c:70:80:19:6a:e0:04:1d:34:e5:e9:cb:fc:24:6e:79:5a:
80:ab:80:2c:cf:e4:e4:84:ca:a8:58:61:4c:db:95:00:29:00:
42:57:a4:2a:a3:00:6f:e8:42:e5:a7:58:d0:5f:51:36:ae:95:
23:5a:21:8d:46:99:32:d7:f9:4b:cb:5e:7e:f6:24:de:0d:0d:
96:bf:58:47:4b:71:47:a8:a2:46:e2:9f:2a:79:5a:91:52:4b:
cc:0c:fd:ae:ae:85:8a:d2:ca:f0:c0:bd:4c:5f:51:d2:83:b4:
e8:6a:ca:63:0e:bb:c9:9d:69:73:3a:33:72:42:dc:b3:27:ac:
ed:ad:ae:04:7d:12:f8:fe:20:2a:fe:20:b8:99:73:77:bd:92:
f7:db:92:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIURIyjh9Sjo5ALXc5Z/YqU0y9yjAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA5MTExODQwMjlaFw0yNDA5MDkxODQ1MjlaMDMxMTAvBgNV
BAMTKDc5OTZEMDI2ODQ4MDk0OEIwMzRERjQxMzQxNzRFNEMwNzMwRUNFQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvRU2/Vr2wNUKHfd63LadSBObl
BYw6VExsxTjxQJDpckFGJMyxMhADtsU/GgbaEBl5t71j5x3/oSc/MTCsw84mSXvm
eAdWzMrS9aIjpVWJF/sViYlRePG6mkHiWn5ZuyR4PDvBInZF2sMTgLyAStLpJZXu
zm6pQGjYPctBRKXuApHmx4c2megaBs7x6riYI3ImnUTS3Q2wMEH7OxDFeB2jVhXM
LQFXKW1Q5fNk4NTTU+KVM4R93XVSa8W8TQLMNcgoDip7uGR8z3OMW+bU3b53BsvY
xS7StQXMv5okfSTvgVrC+yFUXoKUluOEqhhNvKjLf0HF72KVY9U/F1w7C2nlAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUeZbQJoSAlIsDTfQTQXTkwHMOzrQwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk2OTk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjQto
AwQCjQvEAwQBjQvmMA0GCSqGSIb3DQEBCwUAA4IBAQBkXEOXADScFraE8OfcpDc+
yeAx8HkC8/4QAduFDklomyUUsS36Tvdbg6dgXbLy8JDAkan91EQP35FzKXYcATQZ
fT2sKoCWMFf1nZPQCGzpvk5p5Udsif7TEwCbyb0FSa7WykiBmCb+PoLlZZYlLHCA
GWrgBB005enL/CRueVqAq4Asz+TkhMqoWGFM25UAKQBCV6QqowBv6ELlp1jQX1E2
rpUjWiGNRpky1/lLy15+9iTeDQ2Wv1hHS3FHqKJG4p8qeVqRUkvMDP2uroWK0srw
wL1MX1HSg7ToaspjDrvJnWlzOjNyQtyzJ6ztra4EfRL4/iAq/iC4mXN3vZL325Ko
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org